Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

An anonymous reader writes "According to British daily The Telegraph, Sir Tim Berners-Lee has warned that plans to monitor individuals' use of the internet would result in Britain losing its reputation as an upholder of web freedom. The plans, by Home Secretary Theresa May, would force British ISPs and other service providers to keep records of every phone call, email and website visit in Britain. Sir Tim has told the Times: 'In Britain, like in the US, there has been a series of Bills that would give government very strong powers to, for example, collect data. I am worried about that.' Sir Tim has also warned that the UK may wind up slipping down the list of countries with the most Internet freedom, if the proposed data-snooping laws pass parliament. The draft bill extends the type of data that internet service providers must store for at least 12 months. Providers would also be required to keep details of a much wider set of data, including use of social network sites, webmail and voice calls over the internet." Jimmy Wales doesn't seem to be a very big fan of the UK snooping either.

Google already collects all this data and much more. They have analytics and various scripts like jquery embedded on around 99.9% sites. Facebook handles the rest. With Google closely working with NSA and other agencies, who cares? They already have the data right there. Google is officially the internets big brother, already!

Uhm....First of all - Google collects data about my VOIP calls? I don't think so.Google is mostly only present on the web, not the rest of the internet.Even then, you have to be logged into a Google account.Even then, they don't collect data they don't care about.Even then, Google is one of the few countries that won't just hand whatever data over to the government that they ask for with no questions.

Even Google wouldn't want to retain every detail of everything a user does - ISPs certainly don't. I can only think of one place that would really love this idea - hard drive makers. Think about it - when everything you do is logged in detail, and that data has to be retained long-term, then the ISPs and government will have to store it somewhere. It's going to be Hard Disk, at least until it gets cut to tape.

First of all - Google collects data about my VOIP calls? I don't think so.

on Google Volce (not technically VoIP) and Google chat sure.

Well, duhh, yes - the service provider you're buying a service from knows you're buying that service. If you don't want google to know about it, use a different service provider (but then that service provider knows...). This is no different from how its always been, whether on the internet or not - the telco knows when you made a phone call through their network, the baker knows when you bought a loaf of bread from him.

They also sync your contacts for android

Only if you tell them to... You can happilly use an Android device without asking Google to sync your contacts if you want to.

not sure about the call history

Google only gets your call history if you ask them to back up all your data. Again, you don't have to use this functionality (personally, I back up my phone nightly using rsync over my wifi network, so I don't bother using Google's backup stuff).

I'll give you that one. They have DNS and email, but it's all optional.

So, just like all the stuff you said above - they provide some services, its up to you whether you use those services and if you do they are going to know something about you in the same way as anyone else providing those services would.

For email, they aren't saving anything more than any other webmail provider.

Google _do_ analyse your email content to target advertising at you, which is more than many other webmail providers (although I imagine the likes of yahoo and hotmail do the same these days).

Even then, they don't collect data they don't care about.

When they care about *logging wireless packets* from their Streetview cars, we can conclude that they care about almost all data

I would say that Google's attitude seems to be "lets collect as much data as we can, we might find a neat way of analysing it in the future". There are, of course, good and bad things about that. Afterall, people use Google's services precisely because they work really well, and a lot of that is down to Google figuring out how to analyse your data in new and useful ways (useful to *you* as well as them).

That said, I don't really see the big deal with the whole wireless logging thing. They caught some packets that were broadcast in the clear into a public space for anyone with a receiver to see. If people didn't want their network traffic to be seen by others they had ample opportunity to encrypt it *using the standard functionality of their router*. And even so, the streetview car is moving at speed, it won't capture more than a few packets so they're going to be hard pushed to get anything particularly scary from the data. The whole thing strikes me like someone standing in their front window naked and then complaining that someone who drove past caught a glimpse of them - if you don't like it you should've drawn the curtains.

If you don't want google to know about it, use a different service provider (but then that service provider knows...). This is no different from how its always been, whether on the internet or not - the telco knows when you made a phone call through their network, the baker knows when you bought a loaf of bread from him.

The difference between Google and other companies is that

1. Most companies don't claim to be interested in collecting data. You effectively have to trust them to delete the information when they no longer need it for billing and accounting. Google does save the data, and you have to trust them not to do anything evil with the data. The difference is that you have to trust the telephone company (ugh) for a short time, while you have to trust Google until its demise.

Google runs a CDN (Content distribution network) that hosts JQuery and it has become one of the main ways to include JQuery in your website. There are many advantages to this (since many websites all load Jquery from the same url, one cached version makes all those sites load quicker, etc), but the disadvantage is that since the file gets pulled directly from Google's webservers, they get to roughly monitor website traffic. The catch-22 is that most JQuery powered sites would be using Google Analytics (or s

Very, very few British MPs have to resign because of their goings-on, as the GP article reveals. It is almost always the associated crime that does them in. In the Profumo case (not mentioned) Profumo's mistake was to lie to Parliament. If he'd said "OK I was bonking Christine Keeler. Here's a picture. No, I didn't discuss secrets. Would you be thinking about the Navy budget, if you were shagging someone like that?" the Cabinet would have said "Ooh, yes, see what you mean old boy, lie low for a bit and we'l

It's hardly worth being a technical specialist in the British secret world. The real reason that Thatcher wanted Spycatcher banned was because it revealed just how badly technical experts were treated in comparison with the Old Etonians, and might have dampened recruitment. Here's a hint: If you are any good, you can easily earn more teaching maths in a UK secondary school than you can being a codebreaker for the Secret Services. No, I can't prove it, but I have good reason to believe it.

Data collection/mining/snooping/browser profiling is so commonplace that pointing the finger in one direction seems almost wrong.
Your data is already being sold to advertisers by your phone company, by any form you filled in your details, by any "free!" email account etc. So many different companies and bodies are collecting data and personally identifiable information that we're becoming apathetic to it.

We need strong legislation and standards to make sure data collection is kept to a necessary minimum

Actually, as anyone working in IT in the UK can attest, we have very strict rules on what you can do with people's data.

I've spent a whole day at 3 different jobs attending a Data Protection Awareness course.

Companies are also realising that the data they collect isn't quite as valuable as they once thought. That's why the big supermarkets that lead the way on this data mining with their loyalty cards are actually reducing the rewards they offer.

New technology brings new challenges, but to pretend we are slipping towards a 1984 state just betrays your ignorance of history which actually shows that the majority of movement is going towards increased rights.

Magna Carta only applied to the aristocracy at the time remember, and as recently as 1918 women couldn't vote here.

Well off the top of my head, Insurance Companies can no longer discriminate against you based on your sex.

Which is stupid, if you really think about it. Insurance should be based on one thing and one thing alone - the likelihood of you making a claim. Before that EU directive, that's essentially what was in place.

It's not stupid at all. Would you be happy for insurers to take into account race and sexuality? What if they found that men with big dicks were more dangerous? You want your dick measured so you can get a discount?

It's just the same argument about shops having 'No Blacks' signs in the window, only at a slightly less obviously 'wrong' end of the spectrum.

An insurance company can only go on personal driving history or generalities. This is just a new rule to stop them lumping all members of one group t

You clearly didn't read what I said, which was that insurance premiums should be calculated only on the likelihood of you making a claim. If you happen to be in a demographic that's less likely to make a claim, then you should pay less for insurance. What demographic that is is irrelevant.

What part of 'only on the likelihood of you making a claim' is so difficult to understand here? Maybe it's the 'only' part, since you keep banging on about ethnicity and sexuality. Did you notice I never identified a particular trait in anything I said? Or did you just read my words and interpret a layer of meaning that just doesn't exist?

You were arguing that not being able to discriminate on the grounds of sex was 'stupid':

Which is stupid, if you really think about it. Insurance should be based on one thing and one thing alone - the likelihood of you making a claim. Before that EU directive, that's essentially what was in place.

I am arguing that the EU directive is not stupid. Not sure any longer what you are now arguing about.

The directive you are implying has changed something for the worse relates to the gender of the applicant for the insurance. Any normal person would infer that you were criticising the directive and therefore approving of the discrmination the directive removed.

Did you ever stop to think that the directive actually causes discrimination, by essentially penalising a demographic that normally attracts lower premiums? Or did you fall into the trap of 'this treats both genders equally, therefore it must be good'? I'm willing to bet it was the latter.

Anecdotal, but over the last 10 years the number of women I see driving far too fast, carelessly, talking on mobile phones and running red lights is now up there with the men. And young women seem to be the worst; they drive just as fast as the male idiots, but with less attention to the road.

I suspect the insurance companies didn't argue the toss with the EU because the statistics were trending towards equality anyway.

I should clarify I'm an Australian, and our laws are still terribly lacking in that regard (and many others). Sorry to butt in on this uk story, you guys might be a shining light of freedom (we most defiantly are not).

Benign world controllers dealing with dissent by setting up island colonies where highly intelligent people can go and build their own societies, while running a strict hierarchical society which manages to keep almost all its citizens healthy and happy? I wish! My feeling at the end of reading BNW for the first time was "Helmholtz Watson, lucky bugger. How do we make this happen?".

Actually, as anyone working in IT in the UK can attest, we have very strict rules on what you can do with people's data.

There are indeed very strict rules. But what good are rules if they are not enforced?

As an example, an organisation I dealt with illegally sold my personal data to numerous "partners" (they asked me if I agreed to have my data passed to "partner companies", I declined, they did it anyway). A complaint has been filed with the ICO, and the ICO's response has been to write to the company in question telling them they shouldn't do that. That's it - the ICO are not interested in doing anything to enforce the data protection law except write sternly worded letters to people.

Meanwhile, whilst the original company has now stopped selling off my data, the companies they sold it to have sold it. And the ones they sold it to have sold it. There is no way for me to prevent that (now widespread) data being distributed further. Futhermore, these third party companies aren't even guilty of doing anything wrong since as far as they knew, I had agreed to have this data distributed (since thats what the first company told them).

What is needed is 2 things:1. Rules forbidding the sale of any personal data between companies.2. Actual enforcement of those rules and punishment for breaking them.

I am much happier with the likes of Google having my data than other companies - although Google may have a lot of my data, they don't sell it, so I pretty much know where it is, and if I don't like it I can cease using Google's services and make a formal request for them to destroy my personal data (which they are required to comply with under EU law). Most other companies that I have to deal with (e.g. my insurance company, etc.) are happy to sell the data on to other people, who will further sell it on and there's no longer any way for me to know who actually has this data any more. I *always* tick the "don't sell my data" box whenever I fill in a form, and yet my personal data is out there being bought and sold because a few companies have broken the law and ignored my preference. There is largely no way to know which companies have done this.

What is needed is 2 things:
1. Rules forbidding the sale of any personal data between companies.
2. Actual enforcement of those rules and punishment for breaking them.

what's needed is jailtime for the execs...it's the only way to get them to take things seriously... a fine on the company is merely seen as the cost of doing business and comes out of the customers pockets in the long run...

Another way to make them sit up and notice would be to legally require them to pay the fines from the shareholder's divid

Which "reputation as an upholder of web freedom" would that be? The one based on them censoring Wikipedia for showing an album cover? Or the one where you have to hand over encryption keys or be thrown in jail?

Fundamental difference:
Surveillance cameras are put on public streets
Networks were built and are managed by private corporations.
So you have two options:
Trust your government has your best interest at heart
Trust a business you are giving money to has your best interest at heart as it sells your info to your government...I think we are screwed!

Interesting. How do I encrypt a visit to the pharmacist, grocery store, or any other shop for that matter? Should I start wearing a balaclava? I believe that would cause more problems than it solves. How do I purchase stuff without being profiled? Maybe I should scratch all the markings of my currency bills to make sure they can't be tracked, and avoid using bank cards altogether, while stuffing said bills under my mattress? How do I encrypt my phone signal and how do I then make or receive calls from other

I dunno, when I was in London there were a LOT more than one every 50m. I noticed large clusters on nearly every street corner, plus the ones on the underground...never saw anything like it in NYC -- sure, there's a fair bit of private ones scattered about, but that's not the same thing. As far as city/police owned cameras, you'll maybe find one or two on high traffic street corners. Never seen even a single cluster like the ones that were so common in London...

The UK government loves to outsource - when it inevitably goes wrong, they can just say 'wasn't us!'

But they are still the ones who made the laws requiring a filter to be present, or at least coerced the ISPs to install one. If I outsource an assassination to a hitman, does that mean I can somehow disclaim responsibility?

Only for ISPs that provide services to government agencies and public bodies. There's no requirement that it's applied to private consumer connections, although the majority of ISPs have voluntarily implemented the filter service (provided by the Internet Watch Foundation [wikipedia.org]).

The UK government loves to outsource - when it inevitably goes wrong, they can just say 'wasn't us!'

The IWF list is a privately maintained list of censored sites which is voluntarilly(*) used by ISPs and content filtering companies. They are funded by donations(+) from these companies.

(*) "Voluntarilly" means "often forcibly required by the government". For example, until BECTA was dissolved, companies wanting to sell content filtering systems to schools were required to use the IWF list.(+) By "donations", I mean companies are required to "donate" somewhere from £1000 - £40000 per year if t

Even if you're not happy running an exit node, you can help speed up the Tor network by running a relay. All traffic through a relay is encrypted and kept within the Tor network, so you remain unidentifiable. It also helps obscure when you yourself are using Tor.

Assuming this tracking law gets in (which it seems it will eventually, as this isn't the first try for such a thing), then would it actually be a good time for everyone (inside the UK and International) to rent a virtual server some place (in the UK) and run an honest-to-goodness Tor exit node?

For us Brits, there's a risk of prosecution (although it's unclear to what extent). I'm sure "it's a Tor node, it's entirely public, and I personally didn't actually download all that stuff" might be enough defence to avoid life-changing legal action. IANAL, and I really have no clue what I'm talking about here.

However, for International folks, the worst than can really happen is that they shut down your VPS. You can then just go rent another one and be up and running in minutes.

Assuming this vaguely makes sense (particularly for non-UK residents), then we could conceivably have a "flood" of Tor-originated traffic to all manner of questionable web content flowing through our Royal pipework and into the ISP data logs, and into the Great Decentralised Central Government Database of Everything. I'm probably barking up the wrong dog here, but it seems interesting none the less.

Good luck with logging social network use. Facebook and Twitter at least seem to use https by default for me. Unless ISPs can force people to download trusted certificates for a proxy that decrypts, logs, then re-encrypts their facebook usage, they won't be seeing much.

Incidentally, I run my own mail server. I relay my mail through it using TLS, and it too uses opportunistic encryption when contacting other SMTP servers. My ISP sees nothing but encrypted data going past. Many public SMTP servers now are supporting opportunistic encryption and supports 256 bit encryption (in fact, if you want to pass a PCI-DSS ASV scan, then if your mail server supports encryption it must disable all weak ciphers).

(Disclaimer: I don't live in the UK, but I do live in a British crown territory - whether a similar law is passed here is not guaranteed, for example we don't have anything like the RIP Act)

"According to British daily The Telegraph, Sir Tim Berners-Lee has warned that plans to monitor individuals' use of the internet would result in Britain losing its reputation as an upholder of web freedom."

I assumed there was someone monitoring my use of the Internet, which is why I've always been cautious, at least with my home usage...

The source of this junk law is the European Union. It just so happens that the UK has implemented this directive. Others will follow suit if they haven't already!

"On 15 March 2006 the European Union adopted the Data Retention Directive, on "the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC".[1][2] The Directive requires Member States to ensure that communications providers retain, for a period of between 6 months and 2 years, necessary data as specified in the Directive"

It couldn't be that national governments get their European counterparts to push through unpopular directives?Or that Britain doesn't have a Veto.

You know you would think people would remember voting in Conservative MEP's and they are not aliens but members of the same political party that also has members in the national government. It wasn't Microsoft attacking Linux it was SCO much easier to attack the sock puppet.It's not the record labels making disproportionate attacks it's the RIAA.

Something that is not tcp, and encrypted (not just byte for byte,but with -bogus bytes- mixed in to round up the size of traffic, so all files under 128 bytes will be all the same size, 128 bytes so LEOs cannot even use file sizes to narrow down your access).

Something that talks to many servers to get the content.

This would require a whole new server design, or proxy wrapper to existing http servers, but yeah bittorrent http would work.

There are only few Upholders of Web Freedom in the UK. Sir Tim Berners-Lee OM, KBE, FRS, FREng, FRSA isn't one of them, since he's in Mass., USA. The Pirate Party UK [pirateparty.org.uk] is definitely one of them. With enough support it can also actually do something about it, instead of just being a forum of discontent, while tonight we'll just watch footy on the telly with a pint of ale in our hand.

There are also a large number of Irish people, a significant fraction of which used to sympathise with the the IRA......and we managed to resolve that issue without panopticon surveillance and giving up our human rights.

The only significant terrorist attacks in the UK have been carried out by white Christians, generally Irish. Since these attacks were largely funded by US Republicans eager to help "the folks back home", maybe we should be watching Americans too, since they think it's okay to commit terrorist acts.

Most people at the time seemed to be thinking "aw, there's some shit going on outside, let's leave via the international arrivals hall, it's closer to the car park anyway". I'm sure *some* people were freaking out, but most people weren't.

The whole point of terrorism is to instil terror. *NOT* to kill people. That's a side effect. While you react to them they're winning. So don't react. As Ben Franklin said, "Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety"

The 77 bomings were marginally effective. They killed people, but not very many (sucks for those people and their relatives, bit it's small compared to almost anything else) and certainly less than the IRA could muster. It also killed off the few compentent ones.

The other attacks proved utterly worthless. At best, the terrorists managed to hurt themselves, or get beaten up by passengers (with some considerable relish, I might add).

Otherwise, they served to demonstrate that London has truly effective traffi

Breivik believes himself to be a patriot and his actions were in defence of his country.It seems he hasn't managed to qualify as a madman either.

You see that is part of the problem. If we take the case of an earlier poster talking about the Muslim population in being a threat to England. Arguably that same poster might just see it as his patriotic duty to defend his country against the Muslim threat. Maybe he could become Englands Breivik. How do we know? Chances are someone liable to take action will list

Probably a depressingly large number. There are plenty of right wing extremist groups in the UK (BNP, NF, EDL, etc.), and I'm sure in the rest of the world, who might not have been entirely comfortable with a massacre of children at a summer camp, but sympathise with his motives. They invariably use their "Christian" identity as one of their defining features.

They'll still be only a tiny fraction of Christians as a whole, but on a simple count are a significant number people.

Hell, I bet if you were honest, you would say that you sympathize with his actions (without condoning them).

Don't be ridiculous, for one thing I cannot comprehend why he attacked a labour party camp, apparently all non-Muslims. Secondly even if he had attacked Muslims, this would be descending to their level. As I said, many Muslims disobey the Qur'an and Hadith by living peacefully with non-Muslims and treating them as equal. The security services should be ruthless in dealing with those supporting terror, people certainly shouldn't attack a mass group for the actions and belief of 6% of them.

Emphasis mine. And, you shouldn't attack a group of people for any percentage of them doing something you object to. Apart from being racist you're willingly giving up YOUR rights because of a false belief that because x% of people involved with religion/belief y that censorship and snooping is fine. You are wrong.